package com.thon.controller.system;

import java.io.IOException;
import java.util.Date;

import javax.persistence.Lob;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.shiro.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.thon.commons.utils.Encodes;
import com.thon.controller.util.BaseController;
import com.thon.entity.user.User;
import com.thon.security.AuthcType;
import com.thon.security.CaptchaException;
import com.thon.security.CaptchaServlet;
import com.thon.service.user.UserService;

/**
 * @file ForgetController.java
 * @author thon
 * @email thon.ju@gmail.com
 * @date Aug 16, 2013 10:04:08 AM
 * @description 忘记密码相关操作
 */
@Controller
@RequestMapping(value = "/forget")
public class ForgetController extends BaseController {

	@Autowired
	private UserService userService;
	
	private static final Log log = LogFactory.getLog(ForgetController.class);

	@RequestMapping(method = RequestMethod.GET)
	public String forget() {
		return "forget-reset";
	}

	// AOP发送修改密码页面
	@RequestMapping(method = RequestMethod.POST)
	public String forgetPost(HttpServletRequest request) {
		String loginName = request.getParameter("loginName");
		User user = userService.getUserByEmail(loginName);
//		userService.sendMail2User(user);
		String passward = request.getParameter("code");
		user.setPlainPassword(passward);
		userService.updatePassword(user);
		return "forget-send";
	}

	// AJAX验证该邮箱是否存在
	@RequestMapping(value = "/check_login_name",method = RequestMethod.GET)
	@ResponseBody
	public Boolean checkLoginName(@RequestParam("loginName") String loginName) {
		if (userService.getUserByEmail(loginName) == null) {
			return false;
		} else {
			return true;
		}
	}
	@RequestMapping(value = "/check_captcha",method = RequestMethod.GET)
	@ResponseBody
	public Boolean checkCaptcha(@RequestParam(value = "captcha")String captcha){
		
		String exitCode = (String) SecurityUtils.getSubject().getSession().getAttribute(CaptchaServlet.KEY_CAPTCHA);
		
		if (null == captcha || !captcha.equalsIgnoreCase(exitCode)) {
			return false;
		}else {
			return true;
		}
	}

	// 提交激活码，并跳转到设置密码页面
	@RequestMapping(value = "/reset/account", method = RequestMethod.GET)
	public String forgetReset(//@RequestParam(value = "code", required = true)String code, 
							  @RequestParam(value = "login_name", required = true)String loginName,
							  Model model)
			throws IOException {

		if (StringUtils.isBlank(loginName)) {
			model.addAttribute("error",
					"Illegal request.Please copy from email again. ");
		}

		User user = userService.getUser(loginName, null);
		if (user == null) {
			model.addAttribute("error", "This account not exist.");
		}

		model.addAttribute("user", user);

		return "forget-reset";
	}

	// 修改密码
	@RequestMapping(value = "/reset", method = RequestMethod.POST)
	public ResponseEntity<HttpEntity> forgetResetPost(HttpServletRequest request) {
		
		int userId = Integer.valueOf(request.getParameter("uid"));
		String phone = userService.getUser(userId).getLoginName();
		String tmp = request.getParameter("code");
		HttpSession session = request.getSession();
		String code = (String) session.getAttribute(phone);
		if( tmp.equals(code) ) {
			String password = request.getParameter("password");
			User user = userService.getUser(userId);
			user.setPlainPassword(password);
			userService.resetPassword(user);
			return new ResponseEntity(HttpStatus.OK);
		}
		return new ResponseEntity(HttpStatus.FORBIDDEN);
	}
}
